Security

Secure your sensitive data with multiple authentication methods, real-time monitoring, and alerts designed to protect both you and your accountholders.

Authentication

Biometric or 4-Digit Access

Users can take advantage of fingerprint authentication, FaceID, or a 4-digit passcode to quickly, securely access the app.

FIDO® Token Support

Enables users to securely authenticate and verify their identity using a physical key that can be plugged into their device, providing a simple one-step authentication method.

Forgotten Username and Password

Sometimes users forget their username or password. Self-service account recovery gets them back in safely.

Micro-Deposit Verification

Verify authentic accounts with small deposit transfers.

Two-Factor Authentication

Help protect user accounts from unauthorized access by requiring an additional sign-in code.

Unified Identity Service (UIS)

Allows users to have a single set of login credentials across multiple platforms while supporting two-factor authentication (2FA) and additional authenticator products like FIDO tokens and Google Authenticator.

Coming Soon

Back-office Management

Block User at Login

Help protect user accounts by preventing unauthorized access during configuration. Set and enforce a score threshold with Mastercard’s NuDetect that will trigger a risk event on suspicious and fraudulent activity right within Banno People's back office.

Device List

View every device a user has logged in from, and remove some or all that are listed. This is a great way to check outdated browser or app user issues.

Manage Two-Factor Authentication (2FA)

Verify a user’s 2FA phone number, enrollment setting, reset their 2FA settings, and send users a one-time text or email to have them verify their identity.

Password Reset

Send users a one-time text or email with a magic link to set a new password. No temporary passwords here, the user will choose a new password and two-factor authentication (2FA) in their account.

Verify a User

Send user a one-time text or email to have them verify their identity.

Security & Fraud Reporting

Enrollment Attempts

Keep track of all enrollment attempts, and which users made it through the enrollment process.

New Users with Unverified 2FA Information

View report of users who are enrolled in 2FA, but used a phone number that is not on their core record. This allows you to keep core validation turned off, but still manage the risk by reviewing these users manually.

Potentially Compromised Users

View a report that will indicate if a user’s password may have been correctly guessed by a credential stuffing attacker. 2FA is still in effect, but the account may warrant some special attention, such as accounts with a 2FA phone number that does not match their core record.

Rate-Limiting

View any rate limiting occurring in near real-time. While this chart is helpful during initial implementations, its primary purpose is to allow you to monitor credential stuffing activity. If the chart says “there is no data” then that means no users are getting blocked.

Rejected Users

See a list of rejected users and enable them if needed.